Unrated severityNVD Advisory· Published May 16, 2002· Updated Apr 16, 2026

CVE-2002-0196

Description

GetRelativePath in ACD Incorporated CwpAPI 1.1 only verifies if the server root is somewhere within the path, which could allow remote attackers to read or write files outside of the web root, in other directories whose path includes the web root.

Affected products

Acd Incorporated/Cwpapi
cpe:2.3:a:acd_incorporated:cwpapi:1.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

sourceforge.net/forum/forum.phpnvdPatch
www.iss.net/security_center/static/7981.phpnvdPatchVendor Advisory
online.securityfocus.com/archive/1/251699nvd
www.securityfocus.com/bid/3924nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000